summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorFlorian Dold <florian.dold@gmail.com>2019-06-26 23:33:15 +0200
committerFlorian Dold <florian.dold@gmail.com>2019-06-26 23:33:15 +0200
commit87649e856a041414cb63c2a2f02a76ca1c6e482d (patch)
tree31c59f663c6364142c3740369a675b2257c2fda4 /src
parentbb432724fcaefaabbcf24a880e71375b95ae6cb1 (diff)
downloadexchange-87649e856a041414cb63c2a2f02a76ca1c6e482d.tar.gz
exchange-87649e856a041414cb63c2a2f02a76ca1c6e482d.tar.bz2
exchange-87649e856a041414cb63c2a2f02a76ca1c6e482d.zip
wire signatures: produce better warning
Produce a better warning when the wire signature file is signed by a different key than the one we're checking the signature with.
Diffstat (limited to 'src')
-rw-r--r--src/json/json_wire.c18
1 files changed, 16 insertions, 2 deletions
diff --git a/src/json/json_wire.c b/src/json/json_wire.c
index d5f095f76..7a4b4a5d9 100644
--- a/src/json/json_wire.c
+++ b/src/json/json_wire.c
@@ -105,12 +105,21 @@ TALER_JSON_exchange_wire_signature_check (const json_t *wire_s,
{
const char *payto_url;
struct TALER_MasterSignatureP master_sig;
+ struct TALER_MasterPublicKeyP master_pub_from_wire;
struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_string ("url", &payto_url),
GNUNET_JSON_spec_fixed_auto ("master_sig", &master_sig),
+ GNUNET_JSON_spec_fixed_auto ("master_pub", &master_pub_from_wire),
GNUNET_JSON_spec_end ()
};
+ if (0 != memcmp (&master_pub_from_wire, master_pub))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "wire signature has an unexpected master public key\n");
+ return GNUNET_SYSERR;
+ }
+
if (GNUNET_OK !=
GNUNET_JSON_parse (wire_s,
spec,
@@ -136,13 +145,18 @@ TALER_JSON_exchange_wire_signature_make (const char *payto_url,
const struct TALER_MasterPrivateKeyP *master_priv)
{
struct TALER_MasterSignatureP master_sig;
+ struct TALER_MasterPublicKeyP master_pub;
+
+ GNUNET_CRYPTO_eddsa_key_get_public (&master_priv->eddsa_priv,
+ &master_pub.eddsa_pub);
TALER_exchange_wire_signature_make (payto_url,
master_priv,
&master_sig);
- return json_pack ("{s:s, s:o}",
+ return json_pack ("{s:s, s:o, s:o}",
"url", payto_url,
- "master_sig", GNUNET_JSON_from_data_auto (&master_sig));
+ "master_sig", GNUNET_JSON_from_data_auto (&master_sig),
+ "master_pub", GNUNET_JSON_from_data_auto (&master_pub));
}